
package cartagows.wsframework.wssecurity.policy.builders;

import java.util.Iterator;
import java.util.List;

import javax.xml.namespace.QName;

import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMElement;
import org.apache.neethi.Assertion;
import org.apache.neethi.AssertionBuilderFactory;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.neethi.builders.AssertionBuilder;
import org.apache.neethi.builders.xml.XmlPrimtiveAssertion;

import cartagows.wsframework.wssecurity.policy.SP11Constants;
import cartagows.wsframework.wssecurity.policy.SPConstants;
import cartagows.wsframework.wssecurity.policy.model.HttpsToken;
import cartagows.wsframework.wssecurity.policy.model.TransportToken;

public class TransportTokenBuilder implements AssertionBuilder {
    
   
    
    public Assertion build(OMElement element, AssertionBuilderFactory factory) throws IllegalArgumentException {
        TransportToken transportToken = new TransportToken(SPConstants.SP_V11);
        
        Policy policy = PolicyEngine.getPolicy(element.getFirstElement());
        policy = (Policy) policy.normalize(false);
        
        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
            processAlternative((List) iterator.next(), transportToken);
            break; // since there should be only one alternative
        }
        
        return transportToken;
    }
        
    public QName[] getKnownElements() {
        return new QName[] {SP11Constants.TRANSPORT_TOKEN};
    }
    
    private void processAlternative(List assertions, TransportToken parent) {
        
        for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
            XmlPrimtiveAssertion primtive = (XmlPrimtiveAssertion) iterator.next();
            QName qname = primtive.getName();
            
            if (SP11Constants.HTTPS_TOKEN.equals(qname)) {
                HttpsToken httpsToken = new HttpsToken(SPConstants.SP_V11);
                OMAttribute attr = primtive.getValue().getAttribute(SPConstants.REQUIRE_CLIENT_CERTIFICATE);
                if(attr != null) {
                    httpsToken.setRequireClientCertificate("true".equals(attr.getAttributeValue()));
                }
                parent.setToken(httpsToken);
            }
        }
    }
}
